package edu.faytechcc.csc.database;

import java.sql.*;

/**
 * This is only to check the log in credentials
 *
 * CSC 251 0001 DATE:
 *
 * @author Stephanie Mckenzie
 */
public class LogIntoDatabase
{

    private String name;
    private char[] password;
    //create a named constant for the URL
    private final String DB_URL = "jdbc:derby:LogInDB";

    /**
     *
     * @param name
     * @param password
     * @return
     */
    public LogIntoDatabase(String name, char[] password)
    {
        this.name = name;
        this.password = password;
    }

    /**
     * Checks if the name exists in the database, name is not case sensitive
     *
     * @param name
     * @return
     */
    private boolean MatchName(String name)
    {
        try
        {
            Connection conn = DriverManager.getConnection(DB_URL); //connect
            Statement stmt = conn.createStatement();
            String sqlStatement =
                    "SELECT * FROM LogIn "
                    + "WHERE UserName = '" + name + "'";
            ResultSet result = stmt.executeQuery(sqlStatement);
            if (result.next())
            {
                String nameResult = result.getString("UserName");

                //convert to lowercase so it's not case sensitive.
                nameResult = nameResult.toLowerCase();
                name = name.toLowerCase();

                //compare name and nameResult
                return (name.compareToIgnoreCase(nameResult) == 0);
            }
        } catch (Exception ex)
        {
            System.out.println("ERROR: " + ex.getMessage());
        }
        return false;
    }

    /**
     * Checks if the password matches the username. Password is case sensitive.
     *
     * @param password
     * @return
     */
    private boolean MatchPassword(char[] password)
    {
        try
        {
            Connection conn = DriverManager.getConnection(DB_URL); //connect
            Statement stmt = conn.createStatement();
            String sqlStatement =
                    "SELECT * FROM LogIn "
                    + "WHERE UserName = '" + name + "'";
            ResultSet result = stmt.executeQuery(sqlStatement);
            if (result.next())
            {
                char[] nameResult = result.getString("Password").toCharArray();

                for (int index = 0; index < nameResult.length; index++)
                {
                    if (password[index] != nameResult[index])
                    {
                        return false;
                    }
                }

                return true;

            }
        } catch (Exception ex)
        {
            System.out.println("ERROR: " + ex.getMessage());
        }
        return false;
    }

    public boolean validateLogIn()
    {
        return MatchName(this.name) && MatchPassword(this.password);
    }

    @Override
    public String toString()
    {
        if (MatchName(this.name) && MatchPassword(this.password))
        {
            return "Correct";
        } else
        {
            return "Incorrect";
        }
    }
}
